[Pkg-openssl-changes] r921 - in openssl/branches/1.1.0/debian: . patches
Kurt Roeckx
kroeckx at moszumanska.debian.org
Thu Nov 2 15:41:31 UTC 2017
Author: kroeckx
Date: 2017-11-02 15:41:31 +0000 (Thu, 02 Nov 2017)
New Revision: 921
Removed:
openssl/branches/1.1.0/debian/patches/0001-Only-release-thread-local-key-if-we-created-it.patch
openssl/branches/1.1.0/debian/patches/Fix-a-Proxy-race-condition.patch
Modified:
openssl/branches/1.1.0/debian/changelog
openssl/branches/1.1.0/debian/patches/no-symbolic.patch
Log:
Make patches apply
Modified: openssl/branches/1.1.0/debian/changelog
===================================================================
--- openssl/branches/1.1.0/debian/changelog 2017-11-02 15:38:32 UTC (rev 920)
+++ openssl/branches/1.1.0/debian/changelog 2017-11-02 15:41:31 UTC (rev 921)
@@ -3,8 +3,10 @@
* New upstream version
- Fixes CVE-2017-3735
- Fixes CVE-2017-3736
+ * Remove patches applied upstream
* Temporary enable TLS 1.0 and 1.1 again (#875423)
* Attempt to fix testsuite race condition
+ * update no-symbolic.patch to apply
-- Kurt Roeckx <kurt at roeckx.be> Thu, 02 Nov 2017 15:22:48 +0100
Deleted: openssl/branches/1.1.0/debian/patches/0001-Only-release-thread-local-key-if-we-created-it.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/0001-Only-release-thread-local-key-if-we-created-it.patch 2017-11-02 15:38:32 UTC (rev 920)
+++ openssl/branches/1.1.0/debian/patches/0001-Only-release-thread-local-key-if-we-created-it.patch 2017-11-02 15:41:31 UTC (rev 921)
@@ -1,47 +0,0 @@
-From 73bc53708c386c1ea85941d345721e23dc61c05c Mon Sep 17 00:00:00 2001
-From: Rich Salz <rsalz at openssl.org>
-Date: Wed, 31 May 2017 12:14:55 -0400
-Subject: [PATCH] Only release thread-local key if we created it.
-
-Thanks to Jan Alexander Steffens for finding the bug and confirming the
-fix.
-
-Reviewed-by: Richard Levitte <levitte at openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/3592)
----
- crypto/err/err.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/crypto/err/err.c b/crypto/err/err.c
-index f866f2fdd0..c55f849590 100644
---- a/crypto/err/err.c
-+++ b/crypto/err/err.c
-@@ -122,6 +122,7 @@ static ERR_STRING_DATA ERR_str_reasons[] = {
- #endif
-
- static CRYPTO_ONCE err_init = CRYPTO_ONCE_STATIC_INIT;
-+static int set_err_thread_local;
- static CRYPTO_THREAD_LOCAL err_thread_local;
-
- static CRYPTO_ONCE err_string_init = CRYPTO_ONCE_STATIC_INIT;
-@@ -260,7 +261,8 @@ DEFINE_RUN_ONCE_STATIC(do_err_strings_init)
-
- void err_cleanup(void)
- {
-- CRYPTO_THREAD_cleanup_local(&err_thread_local);
-+ if (set_err_thread_local != 0)
-+ CRYPTO_THREAD_cleanup_local(&err_thread_local);
- CRYPTO_THREAD_lock_free(err_string_lock);
- err_string_lock = NULL;
- }
-@@ -639,6 +641,7 @@ void ERR_remove_state(unsigned long pid)
-
- DEFINE_RUN_ONCE_STATIC(err_do_init)
- {
-+ set_err_thread_local = 1;
- return CRYPTO_THREAD_init_local(&err_thread_local, NULL);
- }
-
---
-2.11.0
-
Deleted: openssl/branches/1.1.0/debian/patches/Fix-a-Proxy-race-condition.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/Fix-a-Proxy-race-condition.patch 2017-11-02 15:38:32 UTC (rev 920)
+++ openssl/branches/1.1.0/debian/patches/Fix-a-Proxy-race-condition.patch 2017-11-02 15:41:31 UTC (rev 921)
@@ -1,81 +0,0 @@
-From 523ea2721581cf9eaa20036327b53b36ba2135ba Mon Sep 17 00:00:00 2001
-From: Matt Caswell <matt at openssl.org>
-Date: Fri, 26 May 2017 13:06:08 +0100
-Subject: [PATCH] Fix a Proxy race condition
-
-Issue #3562 describes a problem where a race condition can occur in the
-Proxy such that a test "ok" line can appear in the middle of other text
-causing the test harness to miss it. The issue is that we do not wait for
-the client process to finish after the test is complete, so that process may
-continue to write data to stdout/stderr at the same time that the test
-harness does.
-
-This commit fixes TLSProxy so that we always wait for the client process to
-finish before continuing.
-
-Fixes #3562
-
-Reviewed-by: Richard Levitte <levitte at openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/3567)
-(cherry picked from commit b72668a0d3586ee2560f0536c43e18991a4cfc6f)
----
- util/TLSProxy/Proxy.pm | 15 +++++++++++++++
- 1 file changed, 15 insertions(+)
-
-diff --git a/util/TLSProxy/Proxy.pm b/util/TLSProxy/Proxy.pm
-index bdb2cd8b5c..141cf53982 100644
---- a/util/TLSProxy/Proxy.pm
-+++ b/util/TLSProxy/Proxy.pm
-@@ -42,6 +42,7 @@ sub new
- clientflags => "",
- serverconnects => 1,
- serverpid => 0,
-+ clientpid => 0,
- reneg => 0,
-
- #Public read
-@@ -104,6 +105,7 @@ sub clearClient
- $self->{record_list} = [];
- $self->{message_list} = [];
- $self->{clientflags} = "";
-+ $self->{clientpid} = 0;
-
- TLSProxy::Message->clear();
- TLSProxy::Record->clear();
-@@ -225,6 +227,7 @@ sub clientstart
- }
- exec($execcmd);
- }
-+ $self->clientpid($pid);
- }
-
- # Wait for incoming connection from client
-@@ -315,6 +318,10 @@ sub clientstart
- waitpid( $self->serverpid, 0);
- die "exit code $? from server process\n" if $? != 0;
- }
-+ die "clientpid is zero\n" if $self->clientpid == 0;
-+ print "Waiting for client process to close: ".$self->clientpid."\n";
-+ waitpid($self->clientpid, 0);
-+
- return 1;
- }
-
-@@ -508,6 +515,14 @@ sub serverpid
- }
- return $self->{serverpid};
- }
-+sub clientpid
-+{
-+ my $self = shift;
-+ if (@_) {
-+ $self->{clientpid} = shift;
-+ }
-+ return $self->{clientpid};
-+}
-
- sub fill_known_data
- {
---
-2.13.2
-
Modified: openssl/branches/1.1.0/debian/patches/no-symbolic.patch
===================================================================
--- openssl/branches/1.1.0/debian/patches/no-symbolic.patch 2017-11-02 15:38:32 UTC (rev 920)
+++ openssl/branches/1.1.0/debian/patches/no-symbolic.patch 2017-11-02 15:41:31 UTC (rev 921)
@@ -2,14 +2,16 @@
Makefile.shared | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
---- a/Makefile.shared
-+++ b/Makefile.shared
-@@ -164,7 +164,7 @@ LINK_SO_SHLIB_UNPACKED= \
+Index: openssl-1.1.0g/Makefile.shared
+===================================================================
+--- openssl-1.1.0g.orig/Makefile.shared
++++ openssl-1.1.0g/Makefile.shared
+@@ -154,7 +154,7 @@ LINK_SO_SHLIB_UNPACKED= \
DETECT_GNU_LD=($(CC) -Wl,-V /dev/null 2>&1 | grep '^GNU ld' )>/dev/null
DO_GNU_SO_COMMON=\
-- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
-+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
+- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$(SHLIBNAME_FULL)"
++ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname=$(SHLIBNAME_FULL)"
DO_GNU_DSO=\
- SHLIB=$(LIBNAME).so; \
- SHLIB_SOVER=; \
+ $(DO_GNU_SO_COMMON)
+ DO_GNU_SO=\
More information about the Pkg-openssl-changes
mailing list